Re: [PATCH v6 4/6] selftests/mm/vm_util: robust write_file()
From: Chunyu Hu
Date: Sun Mar 29 2026 - 05:22:21 EST
On Thu, Mar 26, 2026 at 11:03:49PM -0700, Andrew Morton wrote:
> On Tue, 24 Mar 2026 09:33:14 +0800 Chunyu Hu <chuhu@xxxxxxxxxx> wrote:
>
> > Add two more checks for buflen and numwritten. The buflen should be at
> > least one, otherwise the 'buflen - 1' could underflow and cause trouble.
> > The numwritten should be equal to 'buflen - 1'. The test will exit if
> > any of these conditions aren't met.
> >
> > Additionally, add more print information when a write failure occurs or
> > a truncated write happens, providing clearer diagnostics.
>
> This one has no review and AI review did identify a kinda-bug. Maybe
> nobody calls write_file() with buflen==1, but still worth addressing I
> think.
>
> https://sashiko.dev/#/patchset/20260324013316.2590422-1-chuhu%40redhat.com
>
> Chunyu, could you please take a look?
Andrew,
By limiting the buflen at least 2, it will avoid such an issue, this is
also suggested by Lorenzo. I'll fix this in next version.
AI question about that we need to handle error path and trucate path
(numwritten < 0) and (numwritten < buflen -1) seperately. That makes
sense. I'll handle that in next version.
"""
> + if (numwritten != buflen - 1)
> + ksft_exit_fail_msg("%s write(%s) is truncated, expected %zu bytes, got %zd bytes\n",
> + path, buf, buflen - 1, numwritten);
> }
This isn't a bug, but the new error messages here and above use %s to
format buf. Since the API requires an explicit buflen parameter and writes
buflen - 1 bytes, does using %s risk out-of-bounds reads if a caller
passes a buffer that is not null-terminated?
Would it be safer to use a precision specifier like %.*s and pass
(int)(buflen - 1) as the length to safely print the exact contents intended
to be written?
"""
That makes sense, I'll use %.*s instead for the buf print in next
version.
>
> Thanks.
>